Displaying 20 results from an estimated 502 matches for "objectcategori".
Did you mean:
objectcategory
2014 Jul 02
1
sssd_sudo search results different from command line ldapsearch
Hi all! I'm attempting to configure sudo rights from Samba ldap. Alas,
libsssd_samba receives 0 rules and config doesn't work. I think I have
the problem identified here but I don't understand why. The way
sssd_sudo searches for sudoers leave all important attributes out and
of course filtering then fails. Can you help me to understand why
following search results are so different (and
2014 Jul 03
1
How to manipulate ldap access rights on Samba 4?
Hi,
I'm having hard time getting sssd_sudo to work: when sssd_sudo
accesses Samba ldap with host principal 'dc1$@teemu.local' it can't
read necessary attributes like objectclass: sudoRole. When accessing
as Administrator all attributes are shown. How can I enable other
users then Administrator to access sudoers' attributes? Below is an
example.
[root at dc1 var]# kinit
2014 Jun 23
1
NIS extensions - only 3 of 55 entries present
I have a test setup of samba 4.1.6 under ubuntu 14.04.
When I do the query shown at
https://wiki.samba.org/index.php/Using_RFC2307_on_a_Samba_DC#Check_if_NIS_Extensions_are_installed_in_your_Directory
it shows I have the ypServ30 container installed.
If I change this query to -s sub then I find 3 entries in that subtree
(see [1] below)
However the full schema in
2015 May 10
2
bind fails to start w/missing records
Roland,
Thank you very much for your attention to this. You should get a medal for
all the help you give everyone on this list.
On Sun, 10 May 2015, Rowland Penny wrote:
> Why ? And why don't they show up when you ask for the zones with samba-tool ?
I have that many subnets. As for why they don't show up: they are defined
in BIND's configuration and not samba's; they never
2020 Feb 01
2
Ldapsearch against Samba AD returns records outside the search base
Hello,
Is it not Samba that is listening to the LDAP ports and is serving me
the answer to my query? This problem does not only happen when the LDAP
database is searched using ldapsearch, it happens also using other tools
that connect to the LDAP ports. I still don't fully grasp what this has
to do with the uniqueness of the sAMAccountNames - they are unique
throughout my directory and I
2014 Mar 10
1
LDAP Queries
Guys
needing some help with LDAP queries against samba4
this command works against MS AD's LDAP
(&(objectCategory=person)(objectClass=user)(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
but
with samba4 I get
C:\Users\Administrator>dsquery * --filter
(&(objectCategory=person)(objectClass=user)(mail=*)(!(userAccountControl:1.2.840.113556.1.4.803:=2)))
I get the
2023 Nov 06
1
LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
Thank you Kees.
On Mon, 6 Nov 2023 at 09:37, Kees van Vloten via samba
<samba at lists.samba.org> wrote:
> I am currently running at 4.19.2 but I have run 4.18.6 and 4.18.5. I did
> not experience any issues with nested group lookups, which many of the
> filters rely on.
Interestingly, I've now found that (on my current DCs, running
4.18.5), ldbsearch *does* seem to return the
2017 Feb 09
3
Users list and the date the password will expire
NOBODY updates my scripts! Except whoever wants, of course. ;)
Would you mind going into details regarding you changes?
Ole
On 09.02.2017 12:02, Rowland Penny via samba wrote:
> On Thu, 9 Feb 2017 11:26:55 +0100
> Ole Traupe <ole.traupe at tu-berlin.de> wrote:
>
>> But I got the timestamp subtraction constant right from the beginning!
>
> Hope you don't mind but
2015 Apr 23
3
RFC2307 attributes not being read by DC2 in 4.2.1
Hi all
On latest samba 4.2.1 I have provisioned a new domain on DC1 that
successfully reads RFC2307 attributes set on a user account through
ADUC.
wbinfo (correct uid gets resolved from sid)
wbinfo -n fsmith
S-1-5-21-1273750850-484487853-1026460749-1120 SID_USER (1)
wbinfo -S S-1-5-21-1273750850-484487853-1026460749-1120
1000006
ldbsearch
sudo ldbsearch -H
2017 Feb 13
2
Users list and the date the password will expire
Quick addendum: I just stumbled upon abandoned accounts receiving
"password expired" notifications forever, even if they get disabled
subsequently (by me). It might be helpful to include this in the script:
uAC_string=$(ldbsearch --url="${LDBDB}" -b "${domainDN}" -s sub
"(&(objectCategory=person)(objectClass=user)(sAMAccountName=$user))"
2015 May 10
4
bind fails to start w/missing records
On Sun, 10 May 2015, Rowland Penny wrote:
> Have you really got 19 reverse zones for your samba 4 active directory ?
Yep :-)
> Can you try running 'samba-tool ldapcmp ldap://<YOUR_FIRST_DC> ldap://<YOUR_SECOND_DC>
Interesting. DC1 and DC2 have many differences; DC1 and DC3 are the same.
Maybe I will demote DC2 and join it again.
> Check if you actually have dns
2023 Nov 05
2
LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
I'm quite confused by this one, as I can't see how this would happen..
but after upgrading my DCs from 4.11.10 to 4.18.5, LDAP searches don't
seem to work if they use the :1.2.840.113556.1.4.1941: modifier, aka
LDAP_MATCHING_RULE_IN_CHAIN. (Yes, it was a fairly big version jump..
Yes, I should have upgraded much earlier.. Yes, I know 4.19.x is out
now as well)
Here's a search that
2023 Nov 06
1
LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
Op 05-11-2023 om 23:25 schreef Jonathan Hunter via samba:
> I'm quite confused by this one, as I can't see how this would happen..
> but after upgrading my DCs from 4.11.10 to 4.18.5, LDAP searches don't
> seem to work if they use the :1.2.840.113556.1.4.1941: modifier, aka
> LDAP_MATCHING_RULE_IN_CHAIN. (Yes, it was a fairly big version jump..
> Yes, I should have
2014 Dec 02
3
guess account
I recived this:
logonCount: 0
sAMAccountName: Guest
sAMAccountType: 805306368
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=hebe,DC=us
isCriticalSystemObject: TRUE
memberOf: CN=Guests,CN=Builtin,DC=hebe,DC=us
2020 Sep 16
5
PFsense via Samba Authentication Server -> ERROR! ldap_get_groups() could not bind
On 16/09/2020 17:34, Marco Shmerykowsky via samba wrote:
> I followed the instructions on the OpenVPN site for creating
> the bind user:
>
> https://openvpn.net/vpn-server-resources/openvpn-access-server-on-active-directory-via-ldap/#Create_and_configure_a_bind_user
>
OK after reading the supplied link, I think I see where the
miss-understanding is coming from. Under the heading
2020 Feb 01
0
Ldapsearch against Samba AD returns records outside the search base
On 01/02/2020 16:29, Palle Kuling via samba wrote:
>
>
> Queried against Samba 4.11.4 (query is for OU=Business but response is
> from OU=Test):
> $ldapsearch -D username at internal.xxx.yy -w password -H
> ldaps://192.168.1.1 -s one -b ou=business,dc=internal,dc=xxx,dc=yy
> "(&(objectCategory=person)(objectClass=user)(sAMAccountName=testadmin))"
> #
2023 Nov 06
2
LDAP_MATCHING_RULE_IN_CHAIN no longer working after upgrade?
Op 06-11-2023 om 14:58 schreef Jonathan Hunter:
> Thank you Kees.
>
> On Mon, 6 Nov 2023 at 09:37, Kees van Vloten via samba
> <samba at lists.samba.org> wrote:
>> I am currently running at 4.19.2 but I have run 4.18.6 and 4.18.5. I did
>> not experience any issues with nested group lookups, which many of the
>> filters rely on.
> Interestingly, I've now
2015 May 10
0
bind fails to start w/missing records
On 10/05/15 16:08, Steve Thompson wrote:
> Roland,
>
> Thank you very much for your attention to this. You should get a medal
> for all the help you give everyone on this list.
>
> On Sun, 10 May 2015, Rowland Penny wrote:
>
>> Why ? And why don't they show up when you ask for the zones with
>> samba-tool ?
>
> I have that many subnets. As for why they
2020 Apr 02
2
Unable to "show" a group using samba-tool
On 2020-04-01 05:51, Rowland penny via samba wrote:
> On 01/04/2020 09:23, Rowland penny via samba wrote:
>> On 01/04/2020 08:23, Rowland penny via samba wrote: >> On 31/03/2020
>> 22:48, David Kowis via samba wrote: >>> Howdy! >>>
>>>> I'm setting up a domain controller, and things are going >>>
>>>> wonderfully, but
2014 Jun 07
3
Samba 4 / idmap / NIS / winbind
Hi,
how can i get work Samba 4 Sernet 4.1.7 correctly with NIS. Ist provisioned with rfc2307.
When i query a User withi get the following.
getent passwd testswi
SWI\testswi:*:10000:100:testswi:/home/SWI/testswi:/bin/false
I want to change /bin/false to a other value /bin/bash
I tried many things to change the value.
1. ldbedit -e vim -H /var/lib/samba/private/sam.ldb samaccountname=testswi